docs: Add 'Customizing library models for Rust' documentation #21727
coadaflorin wants to merge 5 commits into main from
Conversation
Add documentation for customizing library models for Rust using data extension files. This follows the pattern of existing documentation for other languages (Java, Python, Ruby, Go, C#, C++, JavaScript).

The documentation covers:
- Rust-specific extensible predicates (sourceModel, sinkModel, summaryModel, neutralModel) with their simplified schema
- Canonical path syntax for identifying Rust functions and methods
- Examples using real models from the codebase (sqlx, reqwest, std::env, std::path, Iterator::map)
- Access path token reference (Argument, Parameter, ReturnValue, Element, Field, Reference, Future)
- Source and sink kind reference
- Threat model integration

Also updates codeql-for-rust.rst to include the new page in the toctree.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Add barrierModel and barrierGuardModel sections to the Rust library models documentation, following the pattern established in PR #21523 for other languages.

Includes:
- New extensible predicate descriptions in the overview
- Example: barrier for SQL injection using escape_sql
- Example: barrier guard for path injection using is_safe_path
- Reference material for both barrierModel and barrierGuardModel

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
geoffw0 left a comment
Partially reviewed. I need to continue from "Examples of custom model definitions", then check final rendering and links. We will also want a docs team review at some point.
- ``data`` defines one or more rows of tuples that are injected as values into the extensible predicate. The number of columns and their types must match the definition of the extensible predicate.

Data extensions use union semantics, which means that the tuples of all extensions for a single extensible predicate are combined, duplicates are removed, and all of the remaining tuples are queryable by referencing the extensible predicate.
We appear to be missing the "Publish data extension files in a CodeQL model pack to share" section that most of the other languages have, e.g. here. I think it can be copied in word-for-word.
I asked Copilot to add one for me and it did below.
- **Free functions**: ``crate::module::function``, for example ``std::env::var`` or ``std::fs::read_to_string``.
- **Inherent methods**: ``<Type>::method``, for example ``<std::fs::File>::open``.
- **Trait methods with a concrete type**: ``<Type as Trait>::method``, for example ``<std::fs::File as std::io::Read>::read_to_end``.
- **Trait methods with a wildcard type**: ``<_ as Trait>::method``, for example ``<_ as core::clone::Clone>::clone``. This form matches any type that implements the trait and is useful for modeling broadly applicable trait methods.
I don't see this section in the doc for other languages, I think Copilot may have synthesised it entirely ... but it looks really helpful, and as far as I can tell, correct.
As someone with no familiarity with rust, it looks helpful to me. (Assuming it's correct.)
…for-rust.rst

Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>

Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>

Add the 'Publish data extension files in a CodeQL model pack to share' section, matching the structure used in C#, C++, Go, and Java docs.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Summary
Adds a new documentation page: Customizing library models for Rust, following the pattern of existing documentation for other languages:
What's included
The documentation covers Rust-specific concepts:
- Extensible predicates: sourceModel, sinkModel, summaryModel, neutralModel with Rust's simplified 3-5 column schema (vs Java/Go's 9-10 column schema)
- Canonical path syntax: crate::module::function, <Type>::method, <Type as Trait>::method, <_ as Trait>::method
- Access path tokens: Reference (for &T), Future (for async), Field with Rust enum variant syntax
- Examples: sqlx, reqwest::get, std::env::var, reqwest::Response::text (async), std::path::Path::join (multiple inputs), Iterator::map (higher-order, wildcard trait), Option::map

Changes

- docs/codeql/codeql-language-guides/customizing-library-models-for-rust.rst (new page)
- docs/codeql/codeql-language-guides/codeql-for-rust.rst: added toctree entry and description
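As an added illustration of what the reviewed page describes (this file is not part of the PR and not a model file from the CodeQL repository), the data extension below wires together the four extensible predicates and the path syntax discussed in the review: a free function as a source, a trait method on a concrete type, a sqlx sink, a multi-input summary for `Path::join`, and a wildcard-trait summary for `Iterator::map`. The pack name `codeql/rust-all`, the column order (path, input/output, kind, provenance), the `Argument[self]`, `.Reference`, `.Element` and `.ReturnValue` access-path tokens, the kind strings and the `manual` provenance value are assumptions made for this example, not facts taken from the PR text.

```yaml
# Added example data extension file; not from the PR or the CodeQL repository.
# Assumed column layout for the Rust predicates (an assumption of this example):
#   sourceModel(path, output, kind, provenance)
#   sinkModel(path, input, kind, provenance)
#   summaryModel(path, input, output, kind, provenance)
#   neutralModel(path, kind, provenance)
# Pack name, access-path tokens, kind strings and "manual" provenance are also assumed.
extensions:
  # Sources: values entering the program from outside.
  - addsTo:
      pack: codeql/rust-all
      extensible: sourceModel
    data:
      # Free function path: the returned environment value is untrusted.
      - ["std::env::var", "ReturnValue", "environment", "manual"]
      # Trait method on a concrete type: file bytes land in the buffer passed
      # by mutable reference as the first argument (assumed ".Reference" token).
      - ["<std::fs::File as std::io::Read>::read_to_end", "Argument[0].Reference", "file", "manual"]

  # Sinks: places where untrusted data must not arrive unchecked.
  - addsTo:
      pack: codeql/rust-all
      extensible: sinkModel
    data:
      # A query string built from untrusted input is a SQL injection sink.
      - ["sqlx::query", "Argument[0]", "sql-injection", "manual"]

  # Summaries: how data moves through library calls the analysis cannot see into.
  - addsTo:
      pack: codeql/rust-all
      extensible: summaryModel
    data:
      # Multiple inputs: both the receiver and the joined component taint the result.
      - ["<std::path::Path>::join", "Argument[self]", "ReturnValue", "taint", "manual"]
      - ["<std::path::Path>::join", "Argument[0]", "ReturnValue", "taint", "manual"]
      # Wildcard trait form: whatever the closure returns becomes an element of
      # the mapped iterator, for any concrete type implementing Iterator.
      - ["<_ as core::iter::Iterator>::map", "Argument[0].ReturnValue", "ReturnValue.Element", "value", "manual"]

  # Neutral: explicitly record that no summary is needed for this call, so the
  # analysis does not infer one (assumed neutral kind "summary").
  - addsTo:
      pack: codeql/rust-all
      extensible: neutralModel
    data:
      - ["<std::path::Path>::exists", "summary", "manual"]
```

Because data extensions use union semantics, a file like this can sit alongside the built-in models without editing them; a duplicate row such as a second `std::env::var` source simply collapses into the existing tuple, while a row with the wrong number of columns for its predicate is rejected rather than silently ignored, which is the first thing to check when a new model appears to have no effect.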